Nissan Motor Corporation has publicly confirmed a significant data breach stemming from unauthorized access to Red Hat servers. Managed by a third-party contractor responsible for developing a customer management system.
The incident exposed personal information for approximately 21,000 Nissan Fukuoka Sales Co., Ltd. customers. Red Hat, the contracted service provider, detected the unauthorized server access on September 26, 2025.
The company immediately revoked the attacker’s access and implemented countermeasures to prevent further intrusions.
21,000 Customers Affected by Auto Data Breach
However, notification to Nissan was delayed by a week. Red Hat informed Nissan Motor of the breach on October 3, 2025.
Prompting the automotive company to report the incident to the Personal Information Protection Commission on the same day.
The leaked dataset includes customer names, addresses, telephone numbers, and partial email addresses. Sales-related customer information is used by Nissan’s dealer network.
Notably, the breach did not include credit card information or payment details, significantly limiting the risk of financial fraud. The affected customer population comprises individuals who purchased vehicles or received service at the formerly named Fukuoka Nissan Motor Co., Ltd…
It has since rebranded as Nissan Fukuoka Sales Co., Ltd. Nissan stated it will individually notify affected customers and provide guidance on protective measures.
Currently, no evidence indicates that the compromised data has been exploited for fraudulent purposes or sold on underground markets.
Nevertheless, Nissan advised customers to remain vigilant against suspicious communications, including deceptive phone calls or fraudulent correspondence.
The automotive manufacturer confirmed that the Red Hat server environment does not contain customer data beyond the leaked dataset.
Eliminating concerns about additional breaches from the same infrastructure. In response to the incident, Nissan Motor announced it would strengthen oversight of contractors.
Enhance information security protocols across its operations. The company extended apologies to affected customers and business partners.
AI-Powered ISO 27001, SOC 2, NIST, NIS 2, and GDPR Compliance Checklist => Start for Free
